Software flaws in complex applications open the way for attackers to compromise systems that host critical enterprise data. Perimeter security solves only part of the problem because global business requirements mandate open network access for mobile employees, customers and partners. Besides, firewalls do little to protect against the growing number of threats originating internally. IT organizations do much to keep their machines patched to protect against the latest threats, but this reactive security strategy still leaves businesses dangerously exposed. With experienced hackers becoming faster at exploiting vulnerabilities (zero-day attacks are increasingly common), businesses often have little or no time to download, test and apply patches to their systems.
AppArmor is the most effective and easy-to-use Linux network application security system on the market. AppArmor provides enterprise-class, host-intrusion prevention and protects the operating system and applications from the harmful effects of internal or external attacks, malicious applications and viruses. As a result, businesses can protect mission-critical data, reduce system administration costs and ensure compliance with government regulations.
No Chinks in the Armor
Comprehensive enterprise-wide network application security requires attention to both users and applications. Novell is the only Linux vendor that provides market-leading identity-management solutions to protect data from unauthorized users and an enterprise Linux-application security solution to protect systems from applications whose flaws are exploited.
Unlike other application security solutions, AppArmor does not require heavy investments in training, resources or expertise. Rather, a comprehensive console and YaST-based toolset largely automate security-policy development. AppArmor tools identify the programs that need containment, capture application behavior in a "learning mode" and turn that behavior into security policy—all from a single graphical interface.
Simple to Use
Many network application security solutions never meet the purposes for which they were designed because they are too complex or require too much maintenance. AppArmor, on the other hand, is designed to get you started quickly with minimal investment in time and resources. Its name-based access-control method does not require relabeling of the file system as other methods do, and applications don't have to be modified to benefit from AppArmor protection. In addition, the default configuration of AppArmor includes a number of predefined profiles for common Linux programs like web, email and remote-login servers that can be deployed immediately. Security profiles for custom or third-party applications can be developed using the included wizard-based tools, which also make policy updates simple as your environment changes.
Easy to Audit
AppArmor profiles completely define which system resources an application can access and with which privileges it can do so. Because they are written in standard UNIX syntax with no new jargon, the profiles can be audited quickly for the security implications of a profiled application. Further, AppArmor contains built-in reporting capabilities so that system administrators can quickly view AppArmor-related events, schedule reports and aggregate events from multiple systems into a common report.
Many web applications are written in interpreted scripting languages such as Perl, PHP or Python. AppArmor provides a powerful capability to confine individual web applications even though they are executed inside Apache using modules such as mod_perl, mod_php or mod_python. AppArmor allows Apache to change context and apply a specific security profile to the script about to be executed. This tight confinement keeps individual scripts from tampering with the larger application, which typically has a wider set of privileges.
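The audit described under "Easy to Audit" and the per-script Apache confinement described above can be checked together. The Python code below is an added example, not part of the original page or of AppArmor's own tooling: it reads a profile containing one hat (the sub-profile Apache switches into for a single web application) and lists every rule that grants write or execute access. The profile text, its paths and the hat name `webapp` are constructed for illustration, and the parser assumes only the simple `path mode,` rule form shown.

```python
import re

# Constructed sample profile (not from the page): Apache confined, with one
# hat ("^webapp") that Apache can switch into for a single web application.
PROFILE = """\
/usr/sbin/httpd2-prefork {
  #include <abstractions/base>
  capability net_bind_service,
  /etc/apache2/** r,
  /srv/www/htdocs/** r,
  /var/log/apache2/* w,
  ^webapp {
    /srv/www/htdocs/webapp/** r,
    /var/lib/webapp/uploads/** rw,
    /usr/bin/convert ix,
  }
}
"""

RULE = re.compile(r"^(/\S*)\s+([a-zA-Z]+),$")  # file rule: "<path> <mode>,"
OPEN = re.compile(r"^(\^?\S+)\s*\{$")           # profile or hat header

def audit(text):
    """Return {scope: [(path, mode), ...]} for rules granting write or exec."""
    findings, stack = {}, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank lines, comments and #include lines
        m = OPEN.match(line)
        if m:
            stack.append(m.group(1).lstrip("^"))  # hats are named profile//hat
            continue
        if line == "}":
            stack.pop()
            continue
        m = RULE.match(line)
        if m and stack:
            path, mode = m.groups()
            # w/a = write/append; any x mode (ix, px, ux, ...) = execute
            if set(mode.lower()) & set("wax"):
                findings.setdefault("//".join(stack), []).append((path, mode))
    return findings

if __name__ == "__main__":
    for scope, rules in audit(PROFILE).items():
        for path, mode in rules:
            print(f"{scope}: {path} {mode}")
```

Reporting the hat's rules under their own scope shows that the web application may write only to its upload directory, while the parent Apache profile keeps the log-write permission.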
Because vulnerable software is the culprit in many network attacks, organizations spend considerable time and resources trying to keep their servers up-to-date with patches. However, frenzied patching is rarely a sound approach. The increasing occurrence of zero-day attacks means that exploits are often developed before patches become available, and the rush to patch may cause new problems with other software running on the system. AppArmor reduces urgent system patching by stopping attacks before they impact your system. Patching becomes a scheduled maintenance activity instead of an emergency, resulting in greater IT productivity.
No Licensing Fees
As an open source offering from SUSE, AppArmor Linux application security has no licensing fees. AppArmor is included in the SUSE Linux Enterprise 11 products and in openSUSE.
SUSE now offers maintenance and support for AppArmor so you can ensure its optimal implementation in your environment. You can access the world-class SUSE support infrastructure 24x7x365; SUSE support technicians are trained in AppArmor to ensure outstanding support quality.